The Department of Justice Criminal Division and the Securities and Exchange Commission released on July 3 a second edition of the Foreign Corrupt Practices Act (FCPA) Resource Guide, marking the first substantive changes since it was first published in 2012.
Assistant Attorney General of the Justice Department’s Criminal Division Brian Benczkowski (who has since left the DOJ) and SEC Enforcement Division Co-Directors Stephanie Avakian and Steven Peikin in a joint statement explained the reasoning behind the second edition: “Although many aspects of the Guide continue to hold true today, the last eight years have also brought new cases, new law, and new policies. The Second Edition of the Guide reflects these updates.”
Quite helpfully for chief compliance officers and in-house counsel, this edition codifies into one comprehensive document all recent policy developments, as well as recent enforcement actions and the FCPA Corporate Enforcement Policy; the Selection of Monitors in Criminal Division Matters; Coordination of Corporate Resolution Penalties (the “Anti-Piling on Policy”); and the Criminal Division’s Evaluation of Corporate Compliance Programs guidance. “This was a massive undertaking, incorporating a wide range of legal and policy developments from the last eight years,” says Matt Miner, former Deputy Assistant Attorney General at the Justice Department and now a partner at Morgan Lewis.
Anybody that actively follows FCPA enforcement, related case law, and statements made by enforcement officials won’t find any of the changes to be particularly groundbreaking. “The real benefit is that you have a guide that is relevant and complete,” Miner says. “And as a desk resource, it is second to none.”
That being said, there is still a lot for chief compliance officers and in-house counsel to appreciate about this edition, including:
Expanded guidance concerning the Evaluation of Corporate Compliance Programs. It incorporates the latest updates, announced in June, on the Evaluation of Corporate Compliance Programs guidance. Specifically, the new guide adds significantly more detail concerning confidential reporting and investigations; periodic testing and review; pre- and post-acquisition due diligence in the context of mergers and acquisitions; and expectations around investigations and remediation efforts.
“It’s helpful to have yet another resource in which both the Department of Justice and SEC are pretty clearly setting forth the lens through which they evaluate these programs,” says Rohan Virginkar, a former prosecutor in the Criminal Division and now a partner at law firm Foley & Lardner.
Among new language added in the guide: “The truest measure of an effective compliance program is how it responds to misconduct. Accordingly, for a compliance program to be truly effective, it should have a well-functioning and appropriately funded mechanism for the timely and thorough investigations of any allegations or suspicions of misconduct by the company, its employees, or agents.”
Additional clarity about compliance program expectations from the SEC. Whether and where the SEC’s expectations align with the Justice Department’s expectations regarding compliance program effectiveness has not always been clear, and so it’s worth noting where both agencies use the same vernacular in the edition regarding their evaluation of compliance programs.
For example, new language incorporated in the Evaluation of Corporate Compliance Programs is the question, “Is [the compliance program] being applied earnestly and in good faith? In other words, is the program adequately resourced and empowered to function effectively?”
“That’s an area that is significant because you’re able to see where the SEC has essentially signed onto, through Commission approval of the guide, some of the terms of these DOJ policies,” Miner says.
Another section states: “In addition to considering whether a company has self-reported, cooperated, and taken appropriate remedial actions, DOJ and SEC also consider the adequacy and effectiveness of a company’s compliance program at the time of the misconduct and at the time of the resolution when deciding what, if any, action to take.” (emphasis added to show revisions)
While the Justice Department made this revised policy clear in its updated Justice Manual, the SEC’s stance was not as clear. Thus, this newly added language to the guide is important, especially for issuers who must answer to both the Justice Department and the SEC in investigations. You can have a little more comfort about using the same approach when giving a presentation on your compliance program in the name of receiving credit from both agencies for your compliance program efforts.
Clarity about internal accounting controls versus compliance programs. This edition provides new commentary from the agencies stressing the interplay between internal accounting controls and compliance programs, compared to the original guide that left the word “accounting” out. Specifically, the new edition states, “[a]lthough a company’s internal accounting controls are not synonymous with a company’s compliance program, an effective compliance program contains a number of components that may overlap with a critical component of an issuer’s internal accounting controls.” The significance of that newly added language, Miner says, suggests there should be greater rigor in examining compliance program weaknesses with potential internal accounting control violations.
Further clarity on “successor liability” in mergers and acquisitions. The revised guide notes that, in instances where “robust pre-acquisition due diligence may not be possible,” the agencies “will look to the timeliness and thoroughness of the acquiring company’s post-acquisition due diligence and compliance integration efforts.” Referencing the FCPA Corporate Enforcement Policy, the revised guide also reinforces the point that “in appropriate cases, an acquiring company that voluntarily discloses misconduct may be eligible for a declination, even if aggravating circumstances existed as to the acquired entity.”
“Successor liability—the issue of acquiring someone else’s liability—has become a significant issue,” says Martin Weinstein, a partner at law firm Willkie Farr & Gallagher. In the revised guidance, the government discusses not only cases where they brought enforcement actions, but also cases where they declined to bring an enforcement action as it relates to successor liability, and that’s helpful for in-house counsel and compliance officers as well, he says.
Clarity around FCPA-related definitions. The second edition also further elaborates on specific interpretations of FCPA-related statutory language, including the meaning of the terms “foreign official,” “instrumentality,” and the scope of the term “agent” for assessing corporate liability. The newly added clarifications to the second edition draw upon the last eight years of FCPA-related judicial case law, including notable cases like United States v. Hoskins and United States v. Esquenazi.
“The original edition was really a great resource guide and reference and is something that has been very helpful not just to practitioners who investigate and defend these types of cases, but to compliance professionals as well,” Virginkar says. The second edition significantly builds upon that effort, providing even greater transparency around how these agencies not only investigate and enforce the FCPA, but how they evaluate compliance programs as well.
- Criminal Division
- Department of Justice
- Evaluation of Corporate Compliance Programs
- FCPA Corporate Enforcement Policy
- FCPA Resource Guide
- Foreign Corrupt Practices Act
- Internal Controls
- Lawrence Hoskins
- Regulatory Enforcement
- Regulatory Policy
- Risk Management
- Securities and Exchange Commission
- United States